Contact us today.Phone: +1 888 282 0696Email: sales@aurorait.com

EAR Compliance and “Technical Data” Explained

EAR ComplianceAlthough EAR Compliance has been around for quite some time now, IT security has just begun to become a major tenant it’s requirements. One of the most important components to understand, in respect to EAR Compliance, is what exactly classifies as EAR regulated items or “Deemed Exports”. The definitions have always been a tad difficult to understand. On a basic level, “deemed exports” are any goods that could function in both a consumer, and military environment. There are several categories as defined in the “Commerce Control List” (CCL) that can give one a starting point in classifying goods. However, as data and information in hard drives has become common place in business, the data surrounding the exports themselves have also become EAR Sensitive and are must be treated with the same precautions that one would take in handling tangible items that are “Deemed Exports”. This data is referred to as Technical Data and can include anything from user manuals to assembly instructions.

            For example, a hobby/toy company may outsource the manufacturing of its RC Helicopters to a Chinese company. While their intentions may be recreational, the CCL could categorize this technology as Dual Use as the technology could be used to manufacture drones. Thus, the organization must pay close attention in regards to who has access to technical data. In this scenario, the instructions on how to manufacture could be the technical data surrounding the product. If these instructions were emailed to the Chinese Manufacturer, and accessed by a non-US citizen, the American hobby/toy company would be under direct violation of EAR regulations by exporting sensitive technical data to a non-US citizen. In order to be EAR Compliant in this situation, the company would have had to identify its sensitive data, consolidate it, and put in place the right protection and controls to make sure only those authorized are able to access it.

 


Contact us at sales@aurorait.com or call 888-282-0696 to learn more about how Aurora can help your organization with IT, consulting, compliance, assessments, managed services, or cybersecurity needs.

Recent Posts

People Management In Cybersecurity

Adopting a people-centric approach to cybersecurity In October 2023, the CISA-led Cybersecurity Awareness Month celebrated its 20th anniversary. The annual event which premiered in 2004,

Read now